https://github.com/second-inc/second
The factory for custom internal software, purpose-built for human2agent work.
agent-management agents ai-agents internal-tool nextjs on-prem self-hosted shadcn-ui typescript
Last synced: 3 days ago
- Host: GitHub
- URL: https://github.com/second-inc/second
- Owner: Second-Inc
- License: apache-2.0
- Created: 2026-05-17T14:18:24.000Z (about 2 months ago)
- Default Branch: main
- Last Pushed: 2026-06-30T16:27:07.000Z (4 days ago)
- Last Synced: 2026-06-30T18:16:34.848Z (4 days ago)
- Topics: agent-management, agents, ai-agents, internal-tool, nextjs, on-prem, self-hosted, shadcn-ui, typescript
- Language: TypeScript
- Homepage: https://docs.second.so
- Size: 4.63 MB
- Stars: 71
- Watchers: 0
- Forks: 5
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Security: SECURITY.md
- Agents: AGENTS.md
README

Second
**Humans and agents, side by side.**
Second is a factory for custom internal software,
purpose-built for human2agent work.
## Quick Start
Run Second locally:
```bash
npx --yes @second-inc/cli
```
| Platform | Status |
|:---|:---|
| Apple Silicon Mac (M1-M5) | **Available now** |
| Linux x64, Windows via WSL2 | Experimental |
| Intel Mac, native Windows | Coming soon |
## What is Second?
Second is the infrastructure for human2agent work.
Instead of managing agents in chat windows, **Second lets you orchestrate a team of agents inside custom apps you build around your team's actual needs.**
From one prompt, Second builds complete apps **that treat agents as first-class citizens:** agents work inside the apps you build, right alongside your team. They read and write to the same real-time DB as your team does, and get generated, scoped tools to handle real workloads inside your apps.
We believe custom apps are the right abstraction for continuous work with a team of agents. Chat is great for one-off tasks, but shared state, queues and pipelines require real software where humans and agents can work on the same page.
### How It Works
Second is a single workspace that creates production-ready apps.
1. **You describe your app.** In a single prompt.
2. **Second generates it.** The agents, scoped tools, and a beautiful UI, backed by a real-time DB.
3. **Your team now works alongside agents** in the same shared custom software.
Example: competitor tracker app built on Second
This example features agents discovering new competitors, enriching them, and generating a weekly recap deck from all available information.
Second is the most powerful way to build custom GUIs for agents.
Production-ready software for your team, deployed in your VPC, built around your workflows.
## Second vs. Other Solutions
Most platforms weren't built for multiplayer, async work with agents. They either treat agents as an afterthought bolted onto existing tools, or they're too opinionated and end up not fitting how your team actually works.
Second solves that: think Paperclip or Multica, but instead of pre-built software you get to build your own custom GUI for a team of agents, tailored to your company's needs.
---
## The Internal Platform Everyone Needs (and Builds)
Companies like **Ramp** and **Deel** have already figured out that teams are building amazing things internally with Claude, Codex, or Lovable, but most never reach production (security, governance, integrations, maintenance, agent access control...). To solve this, they built internal platforms for themselves.
**Second lets every organization have that.**
Every app you build in Second gets a real-time DB, audit logs, RBAC, agent RBAC, and governance tools built into the workspace.
👥 For Teams
- Build custom apps from a single prompt
- Run multiple agents in parallel across workflows
- Real-time collaborative UI with agents and humans on the same page
- Never blocked: integrations return mock data until connected
🛠️ For Platform Engineers
- Fine-grained access control per app, per agent, per integration
- One-time workspace setup, unlimited apps
- Full governance: draft/review/publish lifecycle
- Deploy on your own k8s, air-gapped or on-prem
> [!TIP]
> **Enterprise deployment?** See [Enterprise Deployment and Security](https://docs.second.so/enterprise).
>
> Need help with security, SSO, deployment, cost management, runtime setup, and SLA support? Contact [sales@second.so](mailto:sales@second.so).
---
## Core Philosophy
| Principle | What it means in Second |
|:---|:---|
| **Build the app, not just the agent.** | The durable artifact is working internal software: a focused UI, live data, team workflows, and agents that operate inside that product. |
| **Agents are first-class citizens.** | Apps can include multiple named agents with roles, tools, data access, schedules, and visible run history. They are not bolted-on chat widgets. |
| **Humans stay in command.** | Plans, agent configs, integration setup, and publishing go through explicit review. Agents can work freely only inside the boundaries you approved. |
| **Small tools beat broad access.** | The builder creates scoped tools for the specific app and use case. Tools are tied to approved domains, collections, integration grants, and secret placeholders. |
| **Integrations should self-build.** | Instead of starting with a giant MCP catalog or handing agents every connector, Second generates the narrow integration contract and human setup instructions the app actually needs. |
| **Collaboration is the runtime.** | Agent-to-agent and agent-to-human work happens through the app's shared state, realtime updates, resumable streams, comments, approvals, and audit trail. |
| **Generated software must still be real software.** | Draft and published snapshots are separated, source is persisted, builds are checked, data survives restarts, and production access follows the same tenant and permission model. |
| **Local-first, on-prem-ready.** | Start on your machine. Deploy inside your cloud when the workflow matters. Your VPC, your auth provider, your secrets, your rules. |
---
## Features
| Feature | |
|:---|:---|
| **🔧 Prompt-to-App Generation** | Generate internal apps, data models, agents, tools, and setup instructions from one prompt |
| **🤖 App Agents** | Each app gets its own first-class agents with roles, prompts, data access, and approved tools |
| **🧰 Scoped Tool Generation** | Tools are generated per app and tied to explicit domains, collections, inputs, and integration grants |
| **🔌 Self-Building Integrations** | Second creates connection requirements and human setup instructions only when the app needs them |
| **🤹 Multi-Agent Orchestration** | Run specialized agents in parallel across foreground, background, scheduled, and async workflows |
| **🔄 BYO Runtime** | Use Claude Code, Codex, OpenCode, or your own harness. Switch runtimes per app or message |
| **⚡ Realtime Collaboration** | Live data, change streams, resumable streams, and optimistic updates keep teams and agents synced |
| **👥 Multiplayer Sessions** | Talk with agents, invite teammates into sessions, and collaborate with shared context |
| **🔒 Agent Permissions** | Agents run with approved tools, data, and integrations. Everything is scoped and audited |
| **🛡️ Governance** | Draft, review, approve, and publish apps with agents and integrations under control |
| **📋 Audit Logs** | Every agent action, tool call, data write, and access denial recorded and searchable |
| **🏠 Self-Hosted / On-Prem** | Deploy on your own infrastructure. Your Kubernetes cluster, your VPC, your rules |
| **🧠 Workspace Agents** | Create reusable agents with prompts, skills, models, and team visibility |
| **📚 Workspace Skills** | Define instructions once, then attach them to agents across the workspace |
| **⏲️ Scheduled Agent Jobs** | Agents run on a schedule for periodic research, monitoring, and background tasks |
| **🚀 One-Command Setup** | From zero to running with `npx @second-inc/cli` |
## Share and use pre-built apps
Download pre-built apps as ZIP files from our catalog, then click **Import App** to load one into your workspace.
Available Apps (1):
- [Polsia](https://github.com/Second-Inc/second-apps/releases/download/polsia-v1/Polsia.second-app.zip)

## What You Can Build
🎯 Lead Enrichment Pipeline
**Flow:** 🤖 Scrape leads → 🤖 Enrich from LinkedIn + web → 🤖 Score and rank → 👤 Team reviews top leads
**Tools:** HubSpot, LinkedIn, Web Search
**Agents:** Scraper Agent, Enrichment Agent, Scoring Agent
PIPELINE 47 leads ▼

| Lead | Score | Status | |
|:---|:---|:---|:---|
| Acme Corp | 92/100 | ✅ Ready | 👤 [Call] |
| Nova Labs | 78/100 | 🤖 Enriching | 🤖 Score next |
| Peak Inc | -- | 🤖 Scraping... | 3 sources |

💬 Scoring Agent: "Acme Corp: 200 employees, Series A, hiring 3 engineers. Score: 92. Ready for review."
👤 [Accept] [Edit] [Skip]
📊 GTM War Room
**Flow:** 🤖 Agent pulls weekly metrics → 👤 PMM reviews positioning → 👤 Sales adds field notes → 🤖 Agent generates battlecard
**Tools:** HubSpot, Slack, Google Docs, Analytics
**Agents:** Metrics Agent, Battlecard Agent
GTM WAR ROOM, Week 21 ▼
- 📈 THIS WEEK
  - Pipeline: $320k (+14%)
  - Win rate: 38% (up from 31%)
  - Lost to competitor: 3 deals
- 👤 PMM added positioning note: "Emphasize self-hosted angle vs. Acme's cloud-only offer"
- 👤 Sales added field note: "Acme offering 40% discounts to win back churned accounts"
- 🤖 Battlecard Agent: "Updated battlecard with new field intel. 2 new objection handlers added."

👤 [Review card] [Push to Docs]
And many more:
| Use Case | What It Does | Tools | Agents |
|:---|:---|:---|:---|
| **Competitor Research Dashboard** | Monitor competitor changes, review and flag important updates, compile reports, and share research | Web Search, Google Alerts, Drive | Research Agent, Alert Agent, Report Agent |
| **Content Curation Pipeline** | Fetch videos, select clips, cut and upload assets, and route finished content for approval | YouTube API, Clipping Service, Google Drive | Curator Agent, Clip Agent |
| **Social Media Ops** | Draft posts, schedule across platforms, track engagement, repurpose top performers | Twitter/X, LinkedIn, Buffer | Content Agent, Scheduling Agent, Analytics Agent |
| **Recruiting Pipeline** | Source candidates, screen resumes, schedule interviews, track pipeline | LinkedIn, ATS, Google Calendar, Gmail | Sourcing Agent, Screening Agent, Scheduling Agent |
| **Customer Success** | Pull data from CRMs and support tools, surface churn risk, draft outreach | HubSpot, Intercom, Slack | Insights Agent, Churn Agent, Outreach Agent |
| **Invoice & Expense Tracking** | Collect invoices from email, extract data, match to POs, flag discrepancies | Gmail, Google Drive, Accounting API | Extraction Agent, Matching Agent, Approval Agent |
| **Compliance Monitoring** | Scan for policy violations, flag issues, route to approvers | Internal APIs, Slack, Jira | Compliance Agent, Triage Agent, Routing Agent |
| **Internal Knowledge Base** | Continuously index docs, summarize updates, answer team questions | Notion, Confluence, Slack | Indexing Agent, Summary Agent, Q&A Agent |
| **Founder's Daily Brief** | Aggregate metrics, news, emails, and calendar into one morning summary | Gmail, Google Calendar, Analytics, Web Search | Metrics Agent, News Agent, Brief Agent |
| **PR & Media Monitoring** | Track brand mentions, analyze sentiment, draft responses, alert on crises | Web Search, Twitter/X, Slack, Google Docs | Monitor Agent, Sentiment Agent, Response Agent |
| **Product Feedback Loop** | Collect feedback from support tickets, reviews, and calls, cluster themes, surface to PM | Intercom, G2, Gong, Slack | Collection Agent, Clustering Agent, Summary Agent |
| **Vendor & Contract Management** | Track renewal dates, compare pricing, flag expiring contracts, draft RFPs | Gmail, Notion, Slack | Tracker Agent, Comparison Agent, Draft Agent |
| **SEO Content Pipeline** | Research keywords, generate briefs, draft articles, track rankings | Ahrefs, Web Search, Notion, Analytics | Research Agent, Brief Agent, Writer Agent |
| **Security Alert Triage** | Ingest alerts from multiple tools, deduplicate, prioritize, assign to on-call | PagerDuty, Slack, Jira, SIEM API | Ingestion Agent, Triage Agent, Assignment Agent |
| **Meeting Follow-ups** | Record action items from meetings, assign owners, send follow-up emails, track completion | Google Calendar, Gong, Gmail, Notion | Notes Agent, Follow-up Agent, Tracker Agent |
---
## Why Second is Special
**Second generates dynamic, agent-native software.** For each app:
- **Scoped tools created per app, for every agent.** Agents can never do things you don't want them to do.
- **Second is true self-building software.** It generates the integrations, connection instructions, and scoped tools.
- **Agents never see secrets.** Secrets are injected server-side.
- **`agents.json`: governed policy as code.** Each app has an `agents.json`. Changes require admin approval via hash verification.
- **Draft and published are fully separated.** Builders iterate freely with mock data. Published apps only run the last approved config.
On top of that, Second handles the hard parts:
| Capability | |
|:---|:---|
| **🤹 Multi-agent orchestration** | Multiple specialized agents per app, coordinated through shared app state |
| **⏲️ Long-running async work** | Scheduled jobs, periodic research, background runs, and resumable streams |
| **🗃️ Live data persistence** | Realtime DB with Change Streams; app data survives restarts and user churn |
| **🧾 Governance and auditability** | Review flows, access checks, integration approvals, and searchable audit events |
---
## Security & Governance
Second is designed for enterprise teams that need complete control over what humans and agents can access and do.
**Zero-trust architecture for agents.** No agent is granted implicit access to anything. Every capability, every data collection, every integration must be explicitly declared, scoped, and approved before an agent can act.
| Feature | Description |
|:---|:---|
| **Agent access control** | Capabilities defined in `agents.json`: approved collections, allowed tools, integration scopes. Changes require admin approval via cryptographic hash verification. Secrets injected server-side; agents never see credentials. |
| **Role-based access control** | Workspace roles (owner, admin, member) with granular permissions: `integrations:manage`, `members:invite`, `audit:read`. App-level roles for creators and collaborators. |
| **Approval flows** | Draft/review/publish lifecycle. Platform engineers approve apps, agent configs, and integration grants before anything goes live. |
| **Domain-locked tools** | Custom HTTP tools locked to declared domains. Private IP access rejected. Agents with org tools such as HubSpot and Slack are blocked from internet access. |
| **Audit logs** | Every action recorded: app changes, agent tool calls, data writes, access denials, integration usage. Secrets are never stored, only hashes and metadata. |
| **Workspace isolation** | Complete tenant isolation. Every query scoped to `workspaceId`. Cross-workspace access returns `404`, not `403`, to prevent resource enumeration. |
| **Subprocess hardening** | Infrastructure secrets scrubbed from agent subprocess environments. Linux deployments use `bubblewrap` sandboxing. CLI runtimes get allowlisted env + private per-app HOME. |
### `agents.json`: Agent Policy as Code
Every app's agent capabilities are declared, version-controlled, and approved:
```json
{
  "agents": [
    {
      "id": "lead-enricher",
      "name": "Lead Enricher",
      "description": "Enriches leads with public company data",
      "systemPrompt": "You are a lead enrichment agent...",
      "dataCollections": ["leads"],
      "tools": [
        { "type": "builtin", "name": "WebSearch", "enabled": true },
        {
          "type": "custom",
          "name": "hubspot_fetch_contacts",
          "integration": { "domain": "hubapi.com" },
          "endpoint": {
            "method": "GET",
            "url": "https://api.hubapi.com/crm/v3/objects/contacts",
            "headers": { "Authorization": "Bearer {{secrets.HUBSPOT_PRIVATE_APP_TOKEN}}" }
          }
        }
      ]
    }
  ]
}
```
- Secrets are resolved server-side via `{{secrets.*}}` templates, never embedded in config
- Any change to `agents.json` **clears existing approval**, preventing silent config drift
- Published apps use the **last approved hash** only, while draft changes stay sandboxed
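
Reviewers approving an `agents.json` change can check the properties described above (tools locked to a declared domain, private addresses rejected, credentials present only as `{{secrets.*}}` placeholders) mechanically before signing off. The TypeScript below is an added example, not Second's own code: `lintAgentsPolicy`, the rule names, and every sample tool other than `hubspot_fetch_contacts` are assumptions made for illustration.

```typescript
// Added example (not Second's code). Field names follow the README sample; rules are assumptions.
interface ToolSpec {
  type: string; name: string; enabled?: boolean;
  integration?: { domain: string };
  endpoint?: { method: string; url: string; headers?: Record<string, string> };
}
interface AgentsPolicy { agents: { id: string; tools: ToolSpec[] }[] }
interface Finding { agent: string; tool: string; rule: string }
const SECRET_TEMPLATE = /\{\{secrets\.[A-Za-z0-9_]+\}\}/;
// Match on a label boundary so "hubapi.com.example.net" does not pass for "hubapi.com".
function hostWithinDomain(host: string, domain: string): boolean {
  const h = host.toLowerCase(), d = domain.toLowerCase();
  return h === d || h.slice(-(d.length + 1)) === "." + d;
}
// Literal loopback, RFC 1918, link-local and unique-local hosts only; names that
// resolve to such addresses still have to be caught when the request is made.
function isPrivateHost(host: string): boolean {
  if (host === "localhost" || /^\[(::1\]|f[cd]|fe[89ab])/i.test(host)) return true;
  const m = /^(\d+)\.(\d+)\.\d+\.\d+$/.exec(host);
  const a = Number(m?.[1]), b = Number(m?.[2]); // NaN when host is not an IPv4 literal
  return a === 0 || a === 10 || a === 127 || (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) || (a === 192 && b === 168);
}
function parseHost(url: string): string | null {
  try { return new URL(url).hostname; } catch { return null; }
}

function lintAgentsPolicy(policy: AgentsPolicy): Finding[] {
  const findings: Finding[] = [];
  for (const agent of policy.agents) {
    for (const tool of agent.tools) {
      const endpoint = tool.endpoint;
      if (tool.type !== "custom" || !endpoint) continue; // builtin tools carry no URL
      const flag = (rule: string): void => { findings.push({ agent: agent.id, tool: tool.name, rule }); };
      const host = parseHost(endpoint.url);
      if (host === null) { flag("unparseable-url"); continue; }
      const domain = tool.integration?.domain;
      if (!domain || !hostWithinDomain(host, domain)) flag("host-outside-declared-domain");
      if (isPrivateHost(host)) flag("private-address");
      // A credential header must reference a server-side secret, not carry the value.
      const headers = endpoint.headers ?? {};
      for (const key of Object.keys(headers)) {
        const value = headers[key] ?? "";
        if (key.toLowerCase() === "authorization" && !SECRET_TEMPLATE.test(value)) flag("inline-credential");
      }
    }
  }
  return findings;
}

// Constructed sample: the README's tool plus three deliberately non-compliant variants.
const CONTACTS_URL = "https://api.hubapi.com/crm/v3/objects/contacts";
const SAMPLE_POLICY: AgentsPolicy = { agents: [{ id: "lead-enricher", tools: [
  { type: "builtin", name: "WebSearch", enabled: true },
  { type: "custom", name: "hubspot_fetch_contacts", integration: { domain: "hubapi.com" },
    endpoint: { method: "GET", url: CONTACTS_URL,
      headers: { Authorization: "Bearer {{secrets.HUBSPOT_PRIVATE_APP_TOKEN}}" } } },
  { type: "custom", name: "lookalike_host", integration: { domain: "hubapi.com" },
    endpoint: { method: "GET", url: "https://hubapi.com.example.net/v1" } },
  { type: "custom", name: "internal_probe", integration: { domain: "10.0.0.5" },
    endpoint: { method: "GET", url: "http://10.0.0.5/metadata" } },
  { type: "custom", name: "inline_token", integration: { domain: "hubapi.com" },
    endpoint: { method: "GET", url: CONTACTS_URL, headers: { Authorization: "Bearer constructed-value" } } },
] }] };
console.log(lintAgentsPolicy(SAMPLE_POLICY));
```

A lint like this only covers what is written in the file; hostnames that resolve to internal addresses and redirects still need enforcement where the request is actually sent.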
## Self-Hosting
Second runs on your infrastructure: your Kubernetes cluster, your VPC, your rules.
For full environment setup, see the [self-hosting docs](https://docs.second.so/self-hosting).
> [!TIP]
> Need help with security, SSO, deployment, cost management, runtime setup, or SLA support? Contact [sales@second.so](mailto:sales@second.so).
### Production Requirements
| Component | Requirement |
|:---|:---|
| **MongoDB 8.0+** | Replica set (required for Change Streams) |
| **Redis 7+** | Stream resumption, pub/sub, OAuth state |
| **Auth provider** | External auth (WorkOS or custom) for `SECOND_AUTH_MODE=external` |
| **HTTPS** | Reverse proxy with TLS termination |
| **Agent runtime credentials** | Claude: `ANTHROPIC_API_KEY` or Bedrock (`CLAUDE_CODE_USE_BEDROCK=1` with `AWS_BEARER_TOKEN_BEDROCK`, `AWS_ACCESS_KEY_ID` / `AWS_SECRET_ACCESS_KEY`, or `AWS_PROFILE`); Codex: `CODEX_API_KEY` or `OPENAI_API_KEY` |
## Architecture
```
+------------------------------------------------------------------------------+
| Browser |
| App UI, chat, generated app iframe |
+-----------------------------------+------------------------------------------+
|
| REST + SSE
v
+------------------------------------------------------------------------------+
| Web (Next.js) |
| Public entrypoint, auth, workspace guards, API routes, reviews |
| Tool execution, secret resolution, app data, auditability |
+------------------+--------------------------+--------------------------+------+
| | |
| private HTTP + SSE | persistent state | replay + events
| internal auth | Change Streams | OAuth state + locks
v v v
+---------------------------+ +---------------------------+ +------------------+
| Worker (Hono) | | MongoDB Replica Set | | Redis |
| Claude Code, Codex | | workspaces, apps, runs | | stream replay |
| OpenCode, app agents | | app_data, audit logs | | workspace pubsub |
+-------------+-------------+ | integration metadata | +------------------+
| +---------------------------+
|
| internal callbacks
| /api/internal/*
v
+------------------------------------------------------------------------------+
| Web-owned governed layer |
| Tool calls, app-data writes, approvals, tenant boundaries |
| Secrets stay server-side before reaching external systems |
+-----------------------------------+------------------------------------------+
|
| server-side tools
v
+------------------------------------------------------------------------------+
| External systems |
| OAuth providers, APIs, internal services |
+------------------------------------------------------------------------------+
```
Agents run in the Worker. App-data writes, tool calls, secret resolution, and audit trails go through the Web layer, so the Worker can run agents without becoming the source of truth for permissions or data.
## CLI
Run Second locally with one command:
```bash
npx --yes @second-inc/cli
```
| Platform | Status |
|:---|:---|
| Apple Silicon Mac (M1-M5) | **Available now** |
| Linux x64, Windows via WSL2 | Experimental |
| Intel Mac, native Windows | Coming soon |
CLI Commands
```bash
npx --yes @second-inc/cli # Start Second
npx --yes @second-inc/cli stop # Stop all services
npx --yes @second-inc/cli reset # Stop + delete all data
npx --yes @second-inc/cli --port 4000 # Custom port
npx --yes @second-inc/cli --disable-telemetry # No analytics
```
### Windows via WSL2
Second does not currently run from native Windows PowerShell or Command Prompt. On Windows, run it through WSL2:
1. Open PowerShell as Administrator.
2. Install Ubuntu on WSL2:
```powershell
wsl --install -d Ubuntu
```
3. Restart Windows if prompted.
4. Open Ubuntu from Windows Terminal or the Start menu.
5. Create the Ubuntu username/password when prompted.
6. In Ubuntu, install Node.js 20+ and npm.
7. Start Second from the Ubuntu terminal:
```bash
npx --yes @second-inc/cli
```
Development from Source
**Prerequisites:** Node.js 20+, npm 10+, Docker Desktop
The commands below start MongoDB and Redis in Docker, and the web and worker processes on your host. Open the URL printed by the script or check `.second-dev.txt`.
```bash
git clone https://github.com/Second-Inc/second.git
cd second
npm run dev
```
## Contributing
We welcome contributions. See [CONTRIBUTING.md](CONTRIBUTING.md) and the
[docs](https://docs.second.so) for architecture details and development setup.
Report security issues privately; see [SECURITY.md](SECURITY.md).
Second is licensed under the Apache License 2.0.